Pirate Bay Browser Streaming Technology Is a Security and Privacy Nightmare

An anonymous reader writes: Last week the Pirate Bay added support for streaming video torrents inside the browser in real-time. Kickass Torrents followed the next week. The technology they used is called Torrents Time. A security researcher has discovered that this technology which is a mix of client and server side code is actually a security and user privacy disaster. Attackers can carry out XSS attacks on TPB and KAT, the app runs on Mac as root, attackers can hijack downloads and force malicious code on the user's PC, and advertisers can collect info on any user that has Torrents Time installed.

Re:I hope they hack Linux and BSD users

[Rik+Sweeney]

That's right! One renders your system inoperable, the other is a Windows fatal system error.

(ducks)

Re:Oh dear balls.

[tnk1]

Even The Pirate Bay itself is quite hacked code.

Remember that these softwares are made by amateurs who spent their time downloading warez instead of getting proper professional programming education.

Actually, I doubt that they lack CS education. What they lack is QA. "Good" developers with educations let this sort of shit through all the time. The businesses who make software actually make an effort to test their software for security and functionality.

The problem with these guys is that coding is sexy, QA is not.